bfee25f95eeae5325d19f9368a128c40a6a7525c5f6d0f2e4f889397c837709e

Sharing

Copy URL Twitter E-mail

General

Target

bfee25f95eeae5325d19f9368a128c40a6a7525c5f6d0f2e4f889397c837709e
Size

200KB
MD5

efeaba54807e61e8f13d536218ad2363
SHA1

4e9edc927ef4924c3a152b91d4a0150ffb751ed2
SHA256

bfee25f95eeae5325d19f9368a128c40a6a7525c5f6d0f2e4f889397c837709e
SHA512

b4d4ffd6a1d680cc7561d77167361c9469dca9b95647b26321695b38c4dd85b4485f7a6a57a0afecf3d03d1cf2286cc53f62e8207f489edae38b7154166a86b2
SSDEEP

6144:SBQcRNujAlYTL1iNzFzUZtD0l26SFycd:SBnN762Qv6SIcd

Score

N/A

Malware Config

Signatures

Files

bfee25f95eeae5325d19f9368a128c40a6a7525c5f6d0f2e4f889397c837709e
.exe windows x64

1ab7150714d5727b10da29dbc8cac3d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
VirtualAlloc
FindClose
Process32FirstW
Process32NextW
lstrlenW
CloseHandle
GetTickCount64
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
LoadLibraryW
GetModuleFileNameW
WideCharToMultiByte
GetCurrentProcess
CreateToolhelp32Snapshot
FindFirstFileW
WriteConsoleW
CreateFileA
SetStdHandle
HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
GetVersion
HeapCreate
WriteFile
GetStdHandle
GetTimeZoneInformation
SetFilePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSize
ReadFile
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FlushFileBuffers
SetEnvironmentVariableA

user32

GetForegroundWindow
GetDC

gdi32

SetPixel

ws2_32

gethostbyname

wininet

HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle
InternetOpenW
InternetConnectW

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ab7150714d5727b10da29dbc8cac3d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

wininet

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 7KB - Virtual size: 16KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 7KB - Virtual size: 16KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 2KB - Virtual size: 1KB